CVE-2025-53813

TCC Bypass via misconfigured Node fuses in Nozbe

CVSS 4.8 MEDIUM · EPSS 0.1% · CWE-276
Vexday Risk Score
13 Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.8 · EPSS 0.1% · KEV: no · PoC · Nuclei · Metasploit · Patch
Lifecycle
26 Aug 2025: Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The configuration of Nozbe on macOS, specifically the enabled "RunAsNode" fuse, allows a local attacker with unprivileged access to execute arbitrary code that inherits Nozbe's TCC (Transparency, Consent, and Control) permissions. The resource access acquired this way is limited to permissions the user has previously granted. Access to resources beyond the granted permissions requires user interaction with a system prompt asking for permission. This issue was fixed in version 2025.11 of Nozbe.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
Affected products
Nozbe · Nozbe
